CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25933 – WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-25933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. ... The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.7 via the 'init_plugin' function. • https://patchstack.com/database/vulnerability/pepro-ultimate-invoice/wordpress-peprodev-ultimate-invoice-plugin-1-9-7-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7236 – Backup Bolt <= 1.3.0 - Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-7236
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information. ... The Backup Bolt plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via error log file. This makes it possible for unauthenticated attackers to obtain information about an affected site's configuration, files and directories. • https://wpscan.com/vulnerability/2a4557e2-b764-4678-a6d6-af39dd1ba76b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6821 – Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-6821
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 contains a vulnerability that allows you to read and download PHP logs without authorization El complemento Error Log Viewer de BestWebSoft WordPress anterior a 1.1.3 contiene una vulnerabilidad que le permite leer y descargar registros PHP sin autorización The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.2 via the plugin's log files. This makes it possible for unauthenticated attackers to extract sensitive data including file paths and other information stored within those logs. • https://wpscan.com/vulnerability/6b1a998d-c97c-4305-b12a-69e29408ebd9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50951 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2023-50951
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275747 https://www.ibm.com/support/pages/node/7118604 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22337 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-22337
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279977 https://www.ibm.com/support/pages/node/7118642 • CWE-532: Insertion of Sensitive Information into Log File •